Menu
I would like to be able to use auth0 as identity provider, so having all login part done through auth0 and using keycloak as authorization manager, so having all user permission management done through keycloak. Is there any way to do this ?
482
Yes there is.
Keycloak allows you to create mappers for custom identity providers, so that you can extract roles and attributes from your provider to keycloak. That way you will be able to use ABAC or RBAC in Keycloak, with still user permission management done through Auth0.
First you can add Auth0 as an identity provider through OpenID Connect or SAML2. Go to your Auth0 app config > advanced setttings > endpoints to get all the required information to create a new identity provider.
Then you need to create mappers in your identity provider, so you can import attributes or roles from Auth0 token. Documentation is available at https://www.keycloak.org/docs/latest/server_admin/index.html#_mappers
Now your user in Keycloak will have attributes and roles you mapped from Auth0.
Next enable Authorization on your client. You can now define your resources, scopes, policies and permissions in it. See https://www.keycloak.org/docs/latest/authorization_services/index.html
52
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
